Skip to content

Commit

Permalink
Merge pull request #2 from jaredhendrickson13/development
Browse files Browse the repository at this point in the history 
v0.0.2
  • Loading branch information
@jaredhendrickson13
jaredhendrickson13 authored Apr 22, 2020
2 parents 4a2e538 + 949d8ba commit ea90b93
Show file tree
Hide file tree
Showing 8 changed files with 97 additions and 19 deletions.
1 change: 1 addition & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
.idea
*.DS_Store

4 changes: 2 additions & 2 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
---
# Introduction
pfSense API is a fast, safe, full-fledged API based on REST architecture. This works by leveraging the same PHP functions and processes used by pfSense's webConfigurator into API endpoints to create, read, update and delete pfSense configurations. All API endpoints enforce input validation to prevent invalid configurations from being made. Configurations made via API are properly written to the master XML configuration and the correct backend configurations are made preventing the need for a reboot. All this results in the fastest, safest, and easiest way to automate pfSense!
pfSense API is a fast, safe, full-fledged HTTP API. This works by leveraging the same PHP functions and processes used by pfSense's webConfigurator into API endpoints to create, read, update and delete pfSense configurations. All API endpoints enforce input validation to prevent invalid configurations from being made. Configurations made via API are properly written to the master XML configuration and the correct backend configurations are made preventing the need for a reboot. All this results in the fastest, safest, and easiest way to automate pfSense!

# Installation
To install pfSense API, simply run the following command from the pfSense shell:<br>
`pkg add https://github.com/jaredhendrickson13/pfsense-api/releases/v0.0.1/pfSense-pkg-API-0.0_1.txz`<br>
`pkg add https://github.com/jaredhendrickson13/pfsense-api/releases/v0.0.2/pfSense-2-4-pkg-API-0.0_2.txz`<br>

To uninstall, run the following command:<br>
`pkg delete pfSense-pkg-API`<br>
Expand Down
6 changes: 5 additions & 1 deletion pfSense-pkg-API/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

PORTNAME= pfSense-pkg-API
PORTVERSION= 0.0
PORTREVISION= 1
PORTREVISION= 2
CATEGORIES= sysutils
MASTER_SITES= # empty
DISTFILES= # empty
Expand Down Expand Up @@ -412,6 +412,10 @@ do-install:
${MKDIR} ${STAGEDIR}${PREFIX}/www/api/v1/services/unbound/modify/hosts
${INSTALL_DATA} ${FILESDIR}${PREFIX}/www/api/v1/services/unbound/modify/hosts/index.php \
${STAGEDIR}${PREFIX}/www/api/v1/services/unbound/modify/hosts
# Unbound apply
${MKDIR} ${STAGEDIR}${PREFIX}/www/api/v1/services/unbound/apply
${INSTALL_DATA} ${FILESDIR}${PREFIX}/www/api/v1/services/unbound/apply/index.php \
${STAGEDIR}${PREFIX}/www/api/v1/services/unbound/apply

# INSTALL OUR PKG INFO
${MKDIR} ${STAGEDIR}${DATADIR}
Expand Down
13 changes: 13 additions & 0 deletions pfSense-pkg-API/files/etc/inc/api.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -445,6 +445,19 @@ function get_arp_entry($search, $value) {
return $arp_match;
}

// Reload our unbound configuration, restart associated services and clear config locks
function unbound_reload_config() {
$reload_unbound = 0;
$reload_unbound |= services_unbound_configure();
// Check if application was successful
if ($reload_unbound === 0) {
system_resolvconf_generate(); // Update resolveconf
system_dhcpleases_configure(); // Update DHCPD
clear_subsystem_dirty("unbound");
return true;
}
}

// Check if a DNS Resolver (Unbound) host override already exists
function unbound_host_override_exists($hostname, $domain) {
// Local variables
Expand Down
78 changes: 63 additions & 15 deletions pfSense-pkg-API/files/etc/inc/apicalls.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5059,6 +5059,9 @@ function api_services_unbound_delete_hosts() {
if ($client_params['aliases'] === true) {
$a_mode = true;
}
if ($client_params['apply'] === true) {
$apply = $client_params['apply'];
}
// Determine criteria for deletion
if ($h_mode and !$d_mode and !$i_mode) {
$del_mode = "h";
Expand Down Expand Up @@ -5091,6 +5094,8 @@ function api_services_unbound_delete_hosts() {
echo var_dump($a_mode) . PHP_EOL;
echo "MODE:" . PHP_EOL;
echo var_dump($del_mode) . PHP_EOL;
echo "APPLY:" . PHP_EOL;
echo var_dump($apply) . PHP_EOL;
}
// Check that our configuration is a list and loop through each item, otherwise return ok resp
if (array_key_exists("hosts", $config["unbound"]) and is_array($config["unbound"]["hosts"])) {
Expand Down Expand Up @@ -5173,11 +5178,13 @@ function api_services_unbound_delete_hosts() {
usort($hosts_conf, "strcmp");
$config["unbound"]["hosts"] = $hosts_conf;
write_config(sprintf(gettext($change_note)));
$reload_unbound = 0;
$reload_unbound |= services_unbound_configure();
if ($reload_unbound == 0) {
system_resolvconf_generate(); // Update resolveconf
system_dhcpleases_configure(); // Update DHCPD
mark_subsystem_dirty("unbound");
# If user requests immediately application
if ($apply === true) {
$applied = unbound_reload_config();
}
// Return success if our function was successful
if ($applied === true or $apply !== true) {
$api_resp = array("status" => "ok", "code" => 200, "return" => 0);
$api_resp["message"] = "host override deleted";
$api_resp["data"] = $del_list;
Expand Down Expand Up @@ -5255,6 +5262,9 @@ function api_services_unbound_modify_hosts() {
if (isset($client_params['aliases'])) {
$aliases = $client_params['aliases'];
}
if ($client_params['apply'] === true) {
$apply = $client_params['apply'];
}
// Add debug data if requested
if (array_key_exists("debug", $client_params)) {
echo "HOSTNAME:" . PHP_EOL;
Expand All @@ -5273,6 +5283,8 @@ function api_services_unbound_modify_hosts() {
echo var_dump($descr) . PHP_EOL;
echo "ALIASES:" . PHP_EOL;
echo var_dump($aliases) . PHP_EOL;
echo "APPLY:" . PHP_EOL;
echo var_dump($aliases) . PHP_EOL;
}
// Validate our input against our exist configuration
if (unbound_host_override_exists($hostname, $domain) or $i_mode) {
Expand Down Expand Up @@ -5377,11 +5389,13 @@ function api_services_unbound_modify_hosts() {
usort($hosts_conf, "strcmp");
$config["unbound"]["hosts"] = $hosts_conf;
write_config(sprintf(gettext($change_note)));
$reload_unbound = 0;
$reload_unbound |= services_unbound_configure();
if ($reload_unbound == 0) {
system_resolvconf_generate(); // Update resolveconf
system_dhcpleases_configure(); // Update DHCPD
mark_subsystem_dirty("unbound");
# If user requests immediately application
if ($apply === true) {
$applied = unbound_reload_config();
}
// Return success if our function was successful
if ($applied === true or $apply !== true) {
$api_resp = array("status" => "ok", "code" => 200, "return" => 0);
$api_resp["message"] = "Successfully updated unbound host override";
$api_resp["data"] = $update_list;
Expand Down Expand Up @@ -5598,6 +5612,9 @@ function api_services_unbound_add_hosts() {
if (isset($client_params['aliases'])) {
$aliases = $client_params['aliases'];
}
if ($client_params['apply'] === true) {
$apply = $client_params['apply'];
}
// Add debug data if requested
if (array_key_exists("debug", $client_params)) {
echo "HOSTNAME:" . PHP_EOL;
Expand All @@ -5610,6 +5627,8 @@ function api_services_unbound_add_hosts() {
echo var_dump($descr) . PHP_EOL;
echo "ALIASES:" . PHP_EOL;
echo var_dump($aliases) . PHP_EOL;
echo "APPLY:" . PHP_EOL;
echo var_dump($apply) . PHP_EOL;
}
// Validate our input against our exist configuration
if (!unbound_host_override_exists($hostname, $domain)) {
Expand All @@ -5627,11 +5646,13 @@ function api_services_unbound_add_hosts() {
$config["unbound"]["hosts"][] = $host_ent;
usort($config["unbound"]["hosts"], "host_cmp");
write_config(sprintf(gettext($change_note)));
$reload_unbound = 0;
$reload_unbound |= services_unbound_configure();
if ($reload_unbound == 0) {
system_resolvconf_generate(); // Update resolveconf
system_dhcpleases_configure(); // Update DHCPD
mark_subsystem_dirty("unbound");
# If user requests immediately application
if ($apply === true) {
$applied = unbound_reload_config();
}
// Return success if our function was successful
if ($applied === true or $apply !== true) {
$api_resp = array("status" => "ok", "code" => 200, "return" => 0);
$api_resp["message"] = "Successfully added unbound host override";
$api_resp["data"] = $host_ent;
Expand Down Expand Up @@ -5662,6 +5683,33 @@ function api_services_unbound_add_hosts() {
}
}

function api_services_unbound_apply() {
# VARIABLES;
global $err_lib;
$read_only_action = false; // Set whether this action requires read only access
$req_privs = array("page-all", "page-services-dnsresolver-edithost"); // Array of privileges allowing this action
$http_method = $_SERVER['REQUEST_METHOD']; // Save our HTTP method
# RUN TIME
// Check that client is authenticated and authorized
if (api_authorized($req_privs, $read_only_action)) {
// Check that our HTTP method is POST (CREATE)
if ($http_method === 'POST') {
// Check if application was successful
if (unbound_reload_config() === true) {
$api_resp = array("status" => "ok", "code" => 200, "return" => 0);
$api_resp["message"] = "Successfully applied unbound configuration";
$api_resp["data"] = "";
return $api_resp;
} else {
$api_resp = array("status" => "server error", "code" => 500, "return" => 1);
$api_resp["message"] = $err_lib[$api_resp["return"]];
return $api_resp;
}
}
}
}


function api_interfaces_vlans() {
# VARIABLES
global $err_lib, $g, $config, $argv, $userindex, $api_resp, $client_params;
Expand Down
2 changes: 1 addition & 1 deletion pfSense-pkg-API/files/usr/local/share/pfSense-pkg-API/info.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
<name>API</name>
<internal_name>api</internal_name>
<descr><![CDATA[A full API for pfSense]]></descr>
<website>https://github.com/jaredhendrickson13</website>
<website>pfsense-api.jaredhendrickson.com</website>
<category>System</category>
<version>%%PKGVERSION%%</version>
<configurationfile>api.xml</configurationfile>
Expand Down
10 changes: 10 additions & 0 deletions pfSense-pkg-API/files/usr/local/www/api/v1/services/unbound/apply/index.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
<?php
# Copyright 2020 - Jared Hendrickson
# IMPORTS
require_once("apicalls.inc");

# RUN API CALL
$resp = api_services_unbound_apply();
http_response_code($resp["code"]);
echo json_encode($resp) . PHP_EOL;
exit();
2 changes: 2 additions & 0 deletions pfSense-pkg-API/pkg-plist
View file
Original file line number Diff line number Diff line change
Expand Up @@ -181,6 +181,7 @@
@dir /usr/local/www/api/v1/services/unbound/start
@dir /usr/local/www/api/v1/services/unbound/stop
@dir /usr/local/www/api/v1/services/unbound/restart
@dir /usr/local/www/api/v1/services/unbound/apply
@dir /usr/local/www/api/v1/services/unbound/add/hosts
@dir /usr/local/www/api/v1/services/unbound/delete/hosts
@dir /usr/local/www/api/v1/services/unbound/modify/hosts
Expand Down Expand Up @@ -209,6 +210,7 @@
/usr/local/www/api/v1/services/unbound/start/index.php
/usr/local/www/api/v1/services/unbound/stop/index.php
/usr/local/www/api/v1/services/unbound/restart/index.php
/usr/local/www/api/v1/services/unbound/apply/index.php
/usr/local/www/api/v1/services/unbound/add/hosts/index.php
/usr/local/www/api/v1/services/unbound/delete/hosts/index.php
/usr/local/www/api/v1/services/unbound/modify/hosts/index.php
Expand Down

0 comments on commit ea90b93

Please sign in to comment.